CIRCIA

How to create, test, and maintain an incident response plan aligned with NIST SP 800-61r3 and CSF 2.0, covering preparation, detection, containment, and regulatory reporting obligations.

The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) will require critical infrastructure entities to report cyber incidents to CISA within 72 hours and ransomware payments within 24 hours, with the final rule now expected May 2026.